Drop `CN-ID` (`Common Name`) validation per `RFC 9525` Service Identity in TLS

[jsoref]

Appendix A. Changes from RFC 6125

The server identity can only be expressed in the subjectAltNames extension; it is no longer valid to use the commonName RDN, known as CN-ID in [VERIFY].

Honoring this RFC will fix the poor error message in:

nginx-auth-ldap/ngx_http_auth_ldap_module.c

Line 1356 in 83c059b

"does not match address (neither server's domain nor IP in certificate's CN or SAN)");